____ _ _____ _
| _ \ ___ _ __ | |_ ___ _ __ ___ _ __ |_ _|__ ___ | |___
| |_) / _ \ '_ \| __/ _ \ '__/ _ \ '_ \ | |/ _ \ / _ \| / __|
| __/ __/ | | | || __/ | | __/ |_) | | | (_) | (_) | \__ \
|_| \___|_| |_|\__\___|_| \___| .__/ |_|\___/ \___/|_|___/
|_|
Scan web servers cryptographic parameters and chosen vulnerabilities.
Documentation is available here.
Scan or test:
- Supported SSL/TLS protocols
- Detailed information about the certificate
- Detailed information about the cipher suite the connection was made with
- Web server software used by the server
- Chosen vulnerability tests
- Supported cipher suites for all SSL/TLS protocols
To install from pypi run:
pip install ssltest
To install straight from source run:
git clone git@github.com:SamoKopecky/ssltest.git && \
cd ssltest && \
pip install .
Nmap is required for some functions of the script (--ns/--nmap-scan
and --nd/--nmap-discover
), install on debian-like distros with:
apt-get install -y nmap
Check the CONTRIBUTING.MD file
Basic scan with no vulnerability tests:
ssltest -u nmap.org -t 0
Scan all vulnerability tests and available cipher suites:
ssltest -u nmap.org -cs
Scan for Heartbleed
vulnerability, scan the whole certificate chain and shorted alternative names in the output:
ssltest -u nmap.org -t 9 -cc -sn
Scan using custom config files in debug mode:
ssltest -u nmap.org -c ~/.config/custom_ssltest -d
Copyright (c) 2022 HACKER Consulting s.r.o.
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see https://www.gnu.org/licenses/.